Australia lawyers’ group: Draft cyber laws would curb rights

By ROD McGUIRKOctober 19, 2018

CANBERRA, Australia (AP) — The president of Australia’s top lawyers’ group told a parliamentary inquiry that proposed cybersecurity laws to force global technology companies such as Facebook and Google to help police by unscrambling encrypted messages sent by extremists and other criminals would significantly limit individuals’ privacy and freedom.

A parliamentary committee on Friday began examining a bill introduced last year that is modeled on Britain’s Investigatory Powers Act. That law has given British intelligence agencies some of the most extensive surveillance powers in the Western world.

The Australian bill would give security agencies new powers to demand that tech companies help them decrypt data.

Arthur Moses, Law Council of Australia’s president-elect, told the committee that a secret service officer could be able to use the proposed law to side-step the need for a warrant to arrange a phone intercept.

The bill also places no time limit on how long a telecommunications employee can be held to assist law enforcement and security agencies, which is arguably detention, Moses said.

“The bill, as presently drafted, would authorize the exercise of intrusive covert powers with the potential to significantly limit an individual’s right to privacy, freedom of expression, and liberty,” Moses told the committee by telephone from Sydney.

Eric Wenger, director of cybersecurity and privacy policy at the U.S. technology giant Cisco Systems, warned that the government could place Australia and its companies at a competitive disadvantage if their data was not regarded as secure.

“You shouldn’t overlook that there is a concern ... in terms of competitiveness for Australia that companies might choose to limit further investment in a market where they do not believe that the technology is adequately secure to protect their customers, their operations and their information,” Wenger told the committee by video link from Washington.

“You want to make sure that you’re ensuring that Australian companies that are building technology are viewed as being at the forefront of being able to secure it,” Wenger added.

Duncan Lewis, director-general of the Australian Security Intelligence Organization, told the committee that extremists where sharing encrypted messages that Australia’s main secret service could not intercept or read.

Australian Federal Police Commissioner Andrew Colvin said encryption issues were hampering criminal investigations at all levels.

Some experts have warned that weakening end-to-end encryption services so that police could eavesdrop would leave communications vulnerable to hackers.

But the draft law states that tech companies cannot be required to build systemic weaknesses — also known as backdoors — into their encrypted services to allow intercepts. But the bill does not define what the term “systemic weakness” means.

Australia has described the growth of encrypted communication applications such as WhatsApp, Signal, Facebook Messenger and iMessage as potentially the greatest degradation of intelligence and law enforcement capability in decades.

Australia was a major driver of a statement agreed at the Group of 20 leaders’ summit in Germany last year that called on the tech industry to provide “lawful and non-arbitrary access to available information” needed to protect against terrorist threats.